Privacy Policy

1. Introduction
Cybehave respects your privacy. We are committed to ensuring the protection and security of your personal data.
When this Policy mentions “we,” “us,” or the “Company,” it refers to the controller of your personal data under this Policy, namely Cybehave AS with which you had, have or will have a business relationship.This Privacy Policy explains the types of personal data that we may collect, the purposes for the collection, how the personal data is processed as well as your rights in relation to your personal data.

2. The Personal Data That We May Collect
When interacting with us, we may collect your personal data. The definition of personal data may vary from country to country. To ensure the protection of your personal data, we define it as any information that may directly or indirectly identify you.
We do not collect more personal data than what it is necessary to provide you and our customers with our services and products. Depending on the circumstances and on our business relationship with you, we may collect different categories of personal data, including, but not limited to the following:

Automatically Collected Personal Data When You Use Our Websites/Apps, depending on the circumstances:

– Browser type
– IP address
– Your browsing activities, such as the web pages you have clicked on our Websites and Apps
– The operating system you use
– Date and time of access

3. Sensitive Personal Data
We do not collect sensitive personal data. The definition of sensitive personal data varies from country to country. Cybehave considers sensitive personal data to be any information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs and trade union membership in addition to data concerning your health, genetic and biometric information and sex life or sexual orientation.

4. Children’s Personal Data
We do not knowingly collect personal data from children. The definition of “children” is subject to local and national laws and may vary accordingly.

5. Links to Third Parties
Our Websites and Apps may contain links to websites of third parties which are not covered by this Privacy Policy. We do not accept any responsibility or liability for third-party websites.

6. Why Do We Collect Your Personal Data?
We may collect your personal data for multiple reasons. In general, we collect your personal data to:
• Enable you to browse on our websites and improve your user experience
• Provide you with our services
• Provide you with marketing and customer services
• Communicate with you about changes or updates, such as of our terms and conditions, privacy policy or any other matters that may be relevant to you
• Carry out data analytics
• Perform or conclude a contract between you and us

7. How Do We Process Your Personal Data?
We process your personal data in accordance with the following principles at all times:
• Lawfulness
When processing your personal data, we always ensure that the processing is done in accordance with the applicable laws.
• Transparency
When collecting your personal data, we strive to provide you with as much information as possible about the processing of your personal data.
• Purpose Limitation
Your data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with the original collection purpose.
• Data minimization
We only collect and/or process data which is strictly necessary for our services that include personal data processing activities.
• Accuracy
We keep your personal data as accurate as possible and you may rectify your personal data at any time.
• Storage Limitation
We do not retain your personal data for longer than it is necessary (see also Section 8 below).
• Integrity and Confidentiality
We make use of the appropriate security measures to ensure the protection of your personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

8. How Long Do We Keep Your Personal Data?
We do not keep your personal data for longer than it is necessary. When keeping your personal data, we take into account legal obligations and the original purpose of collection. The retention period of your personal data may vary in accordance with the purpose of collection.

9. On What Legal Basis Do We Process Your Personal Data?
The processing of your personal data may be based on the following grounds:
• Your consent
o Please note that you may withdraw your consent at any time if our processing is based on your consent
• The necessity of data processing to conclude and/or perform a contract between you and us
• To comply with legal obligations as well as to establish, exercise, or defend ourselves from legal claims
• Our legitimate interests to the extent that these do not override your interests or fundamental rights and freedoms
• To perform a task in the public interest
The legal grounds for processing your personal data vary according to the circumstances and context for the collection. We do not process your personal data without a legal justification.

10. Do We Share Your Personal Data?
We may make your personal data available to affiliated companies as well as to its subcontractors or other trusted third parties.
If your data is collected within the EU and transferred to countries outside the EU which do not provide the same standard of personal data protection, we have put in place adequate measures to protect your data, such as organizational and legal means (including the EU Model Contract Clauses) to ensure the protection of your personal data.
When transferring your personal data, we make sure that we are compliant with the applicable data protection laws.

11. Your Rights
Your individual rights may vary depending on the applicable data protection laws. Where required by law and as long as the conditions laid out by law are met, we shall give effect to your rights to:
• Be informed about the processing of your personal data
• Access your personal data collected or processed by us
• Rectify your personal data
• Erase your personal data
• Object to the processing of your personal data
• Restrict the processing of your personal data
Should you believe that we have infringed the applicable data protection laws, you have the right to file a complaint before the competent Data Protection Authority.

12. Security of Your Personal Data
We use all available technical and organizational security measures in order to protect your personal data against a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, your personal data transmitted, stored or otherwise processed.
All of our employees are required to keep personal data confidential. We will only transfer your personal data to third parties as described in Section 10 of this Policy

13. Changes and Updates to This Privacy Policy
We may update, change, modify, add or amend this Policy by publishing a new version on our Website.
This Privacy Policy was published on November 2018.

14. How to Contact Us
Should you have any questions regarding the processing of your personal data or should you wish to exercise a right as provided in Section 11 of this Policy, please contact our Data Protection Officer at stefano@cybehave.com.

Cybehave

We want every organization to understand how its people is the most important defense against cyber attacks and adverse effects of such attacks. We provide the tools you need to make that reality.